html_url,issue_url,id,node_id,user,user_label,created_at,updated_at,author_association,body,reactions,issue,issue_label,performed_via_github_app
https://github.com/simonw/datasette/issues/1850#issuecomment-1289702146,https://api.github.com/repos/simonw/datasette/issues/1850,1289702146,IC_kwDOBm6k_c5M30sC,9599,simonw,2022-10-24T22:19:04Z,2022-10-24T22:19:04Z,OWNER,"This is going to need a whole bunch of new permissions.
To review: the existing set of permissions are listed here: https://docs.datasette.io/en/0.62/authentication.html#built-in-permissions
- `view-instance`
- `view-database`
- `view-database-download`
- `view-table`
- `view-query`
- `execute-sql`
- `permissions-debug`
- `debug-menu`
I'm going to reuse database terminology for the new permissions. So first draft of those is:
- `insert-row`
- `update-row`
- `delete-row`
- `create-table`
- `drop-table`
- `alter-table`","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421529723,Write API in Datasette core,
https://github.com/simonw/datasette/issues/1850#issuecomment-1289707357,https://api.github.com/repos/simonw/datasette/issues/1850,1289707357,IC_kwDOBm6k_c5M319d,9599,simonw,2022-10-24T22:23:12Z,2022-10-24T22:23:12Z,OWNER,Here's the implementation of `datasette-auth-tokens`: https://github.com/simonw/datasette-auth-tokens/blob/main/datasette_auth_tokens/__init__.py,"{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421529723,Write API in Datasette core,
https://github.com/simonw/datasette/issues/1850#issuecomment-1289703432,https://api.github.com/repos/simonw/datasette/issues/1850,1289703432,IC_kwDOBm6k_c5M31AI,9599,simonw,2022-10-24T22:19:48Z,2022-10-24T22:19:48Z,OWNER,It may turn out that it makes sense to also add a UI for these actions as part of this project. That's still to be determined.,"{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421529723,Write API in Datasette core,
https://github.com/simonw/datasette/issues/1850#issuecomment-1289706439,https://api.github.com/repos/simonw/datasette/issues/1850,1289706439,IC_kwDOBm6k_c5M31vH,9599,simonw,2022-10-24T22:22:17Z,2022-10-24T22:22:17Z,OWNER,"API authentication will be via `Authorization: Bearer XXX` request headers.
I'm inclined to add a default token mechanism to Datasette based on tokens that are signed with the `DATASETTE_SECRET`. Maybe the root user can access `/-/create-token` which provides a UI for generating a time-limited signed token? Could also have a `datasette create-token` command for creating such tokens at the command-line.
Plugins can then define alternative ways of creating tokens, such as the existing https://datasette.io/plugins/datasette-auth-tokens plugin.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421529723,Write API in Datasette core,
https://github.com/simonw/datasette/issues/1851#issuecomment-1289713513,https://api.github.com/repos/simonw/datasette/issues/1851,1289713513,IC_kwDOBm6k_c5M33dp,9599,simonw,2022-10-24T22:29:58Z,2022-10-24T22:30:15Z,OWNER,"Interesting open question: how should validation errors (if any) be returned?
The two forms of validation I can think of at first are:
- Missing keys which are marked as `not null` in the schema
- Keys that do not match to existing columns (if you didn't pass `""alter"": true`, an option I am considering)","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421544654,API to insert a single record into an existing table,
https://github.com/simonw/datasette/issues/1852#issuecomment-1289718660,https://api.github.com/repos/simonw/datasette/issues/1852,1289718660,IC_kwDOBm6k_c5M34uE,9599,simonw,2022-10-24T22:35:01Z,2022-10-24T22:35:01Z,OWNER,"Maybe these tokens can be restricted to specific databases and tables when they are first created?
Since they're signed tokens, I could bundle a bunch of extra stuff in them - this token is allowed to do these permissions against these tables/rows for example.
General wisdom seems to be that 8KB is a sensible maximum length for this kind of token, which is easily long enough to fit in a bunch of database / table / permissions.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421552095,Default API token authentication mechanism,
https://github.com/simonw/datasette/issues/1852#issuecomment-1289733483,https://api.github.com/repos/simonw/datasette/issues/1852,1289733483,IC_kwDOBm6k_c5M38Vr,9599,simonw,2022-10-24T22:54:37Z,2022-10-24T23:12:10Z,OWNER,"Token design concept:
```json
{
""t"": {
""a"": [""ir"", ""ur"", ""dr""],
""d"": {
""fixtures"": [""ir"", ""ur"", ""dr""]
},
""t"": {
""fixtures"": {
""searchable"": [""ir""]
}
}
}
}
```
That JSON would be minified and signed.
Minified version of the above looks like this (101 characters):
`{""t"":{""a"":[""ir"",""ur"",""dr""],""d"":{""fixtures"":[""ir"",""ur"",""dr""]},""t"":{""fixtures"":{""searchable"":[""ir""]}}}}`
The `""t""` key shows this is a token that as a default API key.
`""a""` means ""all"" - these are permissions that have been granted on all tables and databases.
`""d""` means ""databases"" - this is a way to set permissions for all tables in a specific database.
`""t""` means ""tables"" - this lets you set permissions at a finely grained table level.
Then the permissions themselves are two character codes which are shortened versions - so:
- `ir` = `insert-row`
- `ur` = `update-row`
- `dr` = `delete-row`","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421552095,Default API token authentication mechanism,
https://github.com/simonw/datasette/issues/1850#issuecomment-1289696171,https://api.github.com/repos/simonw/datasette/issues/1850,1289696171,IC_kwDOBm6k_c5M3zOr,9599,simonw,2022-10-24T22:15:57Z,2022-10-24T22:15:57Z,OWNER,"I'm going to treat this as a bit of a research spike, at least until I like the direction it is going enough to commit to it.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421529723,Write API in Datasette core,
https://github.com/simonw/datasette/issues/1851#issuecomment-1289752130,https://api.github.com/repos/simonw/datasette/issues/1851,1289752130,IC_kwDOBm6k_c5M4A5C,4399499,ocdtrekkie,2022-10-24T23:07:30Z,2022-10-24T23:07:30Z,NONE,"How are you tying the bearer token to identity? I'm excited to see this feature, and since Sandstorm controls API access using the same header, it also will transparently support the API documentation here, but we strip the bearer before the request reaches the app (replacing it with our existing auth headers, of course).","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421544654,API to insert a single record into an existing table,
https://github.com/simonw/datasette/issues/1852#issuecomment-1289766513,https://api.github.com/repos/simonw/datasette/issues/1852,1289766513,IC_kwDOBm6k_c5M4EZx,9599,simonw,2022-10-24T23:16:00Z,2022-10-24T23:16:00Z,OWNER,"Here's what that example looks like signed:
```python
from datasette.app import Datasette
ds = Datasette()
ds.sign('{""t"":{""a"":[""ir"",""ur"",""dr""],""d"":{""fixtures"":[""ir"",""ur"",""dr""]},""t"":{""fixtures"":{""searchable"":[""ir""]}}}}')
```
```
.eJxTqo5RKolRsgJSiUAqOkYpsyhGSSdGqRRCpQCpWBANUZOWWVFSWpRajFNprQ7cPCS1QF5xamJRckZiUk4qQm9sLRAoAQCC8yph.O0Gaej6-VOLbbtPq7xU6T77jEO0
```
That's 129 characters.
Note that Datasette doesn't have its own mechanism for signing things for a specific duration yet: https://docs.datasette.io/en/stable/internals.html#sign-value-namespace-default
So I'll need to add a `""e"": 1666739744` field with the UTC timestamp at which the token should expire.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421552095,Default API token authentication mechanism,
https://github.com/simonw/datasette/issues/1852#issuecomment-1289776707,https://api.github.com/repos/simonw/datasette/issues/1852,1289776707,IC_kwDOBm6k_c5M4G5D,9599,simonw,2022-10-24T23:29:03Z,2022-10-24T23:29:03Z,OWNER,"I'm going to implement the first version of this token mechanism using permissions that exist already. Right now that's:
https://docs.datasette.io/en/0.62/authentication.html#built-in-permissions
Here are the shortcuts I'll use for them:
- `view-instance` - `vi`
- `view-database` - `vd`
- `view-database-download` - `vdd`
- `view-table` - `vt`
- `view-query` - `vq`
- `execute-sql` - `es`
","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421552095,Default API token authentication mechanism,
https://github.com/simonw/datasette/issues/1852#issuecomment-1289773634,https://api.github.com/repos/simonw/datasette/issues/1852,1289773634,IC_kwDOBm6k_c5M4GJC,9599,simonw,2022-10-24T23:25:06Z,2022-10-24T23:25:06Z,OWNER,"If you start Datasette without providing a `DATASETTE_SECRET` environment variable of `--secret` option it creates a random signing secret that only lasts for the lifetime of the server.
This means any signed API tokens you create will stop working if the server restarts.
I think the `/-/create-token` UI should know when this happens and show a warning message about it, to avoid confusion.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421552095,Default API token authentication mechanism,
https://github.com/simonw/datasette/issues/1852#issuecomment-1289774183,https://api.github.com/repos/simonw/datasette/issues/1852,1289774183,IC_kwDOBm6k_c5M4GRn,9599,simonw,2022-10-24T23:25:52Z,2022-10-24T23:25:52Z,OWNER,"... also, maybe there should be a UI (perhaps on that page) for resetting the Datasette secret? Useful for emergency invalidation of all tokens.
No, I'm not going to build that unless someone asks for it. Restarting the server with a fresh secret should be easy enough.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421552095,Default API token authentication mechanism,
https://github.com/simonw/datasette/issues/1852#issuecomment-1289775162,https://api.github.com/repos/simonw/datasette/issues/1852,1289775162,IC_kwDOBm6k_c5M4Gg6,9599,simonw,2022-10-24T23:27:00Z,2022-10-24T23:27:00Z,OWNER,"Might be neat for API tokens to be signed with an additional secret than can be rotated independently of `DATASETTE_SECRET` itself, in order to invalidate all tokens without needing to invalidate logged in users too.
But again, I don't want to implement something like that until I see an actual need for it.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1421552095,Default API token authentication mechanism,
https://github.com/simonw/datasette/pull/1842#issuecomment-1278306180,https://api.github.com/repos/simonw/datasette/issues/1842,1278306180,IC_kwDOBm6k_c5MMWeE,22429695,codecov[bot],2022-10-14T00:11:46Z,2022-10-24T02:04:52Z,NONE,"# [Codecov](https://codecov.io/gh/simonw/datasette/pull/1842?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison) Report
Base: **92.52**% // Head: **92.54**% // Increases project coverage by **`+0.02%`** :tada:
> Coverage data is based on head [(`3623475`)](https://codecov.io/gh/simonw/datasette/pull/1842?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison) compared to base [(`79aa0de`)](https://codecov.io/gh/simonw/datasette/commit/79aa0de083d38a9975915d5a4cc68ca6c74fbe3d?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison).
> Patch coverage: 100.00% of modified lines in pull request are covered.
Additional details and impacted files
```diff
@@ Coverage Diff @@
## main #1842 +/- ##
==========================================
+ Coverage 92.52% 92.54% +0.02%
==========================================
Files 35 35
Lines 4415 4428 +13
==========================================
+ Hits 4085 4098 +13
Misses 330 330
```
| [Impacted Files](https://codecov.io/gh/simonw/datasette/pull/1842?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison) | Coverage Δ | |
|---|---|---|
| [datasette/app.py](https://codecov.io/gh/simonw/datasette/pull/1842/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL2FwcC5weQ==) | `94.28% <100.00%> (+0.05%)` | :arrow_up: |
| [datasette/views/database.py](https://codecov.io/gh/simonw/datasette/pull/1842/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL3ZpZXdzL2RhdGFiYXNlLnB5) | `95.29% <100.00%> (+0.06%)` | :arrow_up: |
| [datasette/views/index.py](https://codecov.io/gh/simonw/datasette/pull/1842/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL3ZpZXdzL2luZGV4LnB5) | `96.49% <100.00%> (ø)` | |
| [datasette/views/row.py](https://codecov.io/gh/simonw/datasette/pull/1842/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL3ZpZXdzL3Jvdy5weQ==) | `88.70% <100.00%> (+0.37%)` | :arrow_up: |
| [datasette/views/table.py](https://codecov.io/gh/simonw/datasette/pull/1842/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL3ZpZXdzL3RhYmxlLnB5) | `95.20% <100.00%> (+0.01%)` | :arrow_up: |
Help us with your feedback. Take ten seconds to tell us [how you rate us](https://about.codecov.io/nps?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison). Have a feature suggestion? [Share it here.](https://app.codecov.io/gh/feedback/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison)
![]()
https://latest.datasette.io/_internal/columns
![]()
https://latest.datasette.io/_internal/columns/_internal,columns,cid
![]()
https://latest.datasette.io/_internal/from_hook
![]()
That's all as it should be.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1396948693,Table/database that is private due to inherited permissions does not show padlock,
https://github.com/simonw/datasette/issues/1848#issuecomment-1288327467,https://api.github.com/repos/simonw/datasette/issues/1848,1288327467,IC_kwDOBm6k_c5MylEr,9599,simonw,2022-10-24T02:30:48Z,2022-10-24T02:31:04Z,OWNER,"Here's the code at fault: https://github.com/simonw/datasette/blob/78dad236df730212aa7172f885fd8ec575f0d3ad/datasette/views/database.py#L67-L116
Those checks aren't doing the new cascading permissions thing added in #1829 which means they can't tell that an anonymous user would not be able to se those tbles and queries and views.
Should do something like this instead:
```python
view_visible, view_private = await self.ds.check_visibility(
request.actor,
permissions=[
(""view-table"", (database, view_name)),
(""view-database"", database),
""view-instance"",
],
)
```","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1420090659,Private database page should show padlock on every table,
https://github.com/simonw/datasette/issues/1848#issuecomment-1288330238,https://api.github.com/repos/simonw/datasette/issues/1848,1288330238,IC_kwDOBm6k_c5Mylv-,9599,simonw,2022-10-24T02:34:41Z,2022-10-24T02:34:41Z,OWNER,"Tested my fix with this `metadata.yml`:
```yaml
databases:
fixtures:
allow:
id: root
tables:
123_starts_with_digits:
allow: true
```
Signed in as root I saw this - showing that the `123_starts_with_digits` table is public:
![]()
","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1420090659,Private database page should show padlock on every table,
https://github.com/simonw/datasette/issues/1848#issuecomment-1288340476,https://api.github.com/repos/simonw/datasette/issues/1848,1288340476,IC_kwDOBm6k_c5MyoP8,9599,simonw,2022-10-24T02:50:29Z,2022-10-24T02:50:29Z,OWNER,"https://latest.datasette.io/_internal now looks like this:
![]()
","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1420090659,Private database page should show padlock on every table,
https://github.com/simonw/datasette/issues/1849#issuecomment-1288384098,https://api.github.com/repos/simonw/datasette/issues/1849,1288384098,IC_kwDOBm6k_c5Myy5i,9599,simonw,2022-10-24T04:03:09Z,2022-10-24T04:03:09Z,OWNER,"Looks like the new breadcrumbs code can't handle the case where `request` is `None`.
Need a test that demonstrates this too.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1420174670,NoneType' object has no attribute 'actor',
https://github.com/simonw/datasette/issues/1849#issuecomment-1288384907,https://api.github.com/repos/simonw/datasette/issues/1849,1288384907,IC_kwDOBm6k_c5MyzGL,9599,simonw,2022-10-24T04:04:02Z,2022-10-24T04:04:02Z,OWNER,"Refs:
- #1831 ","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1420174670,NoneType' object has no attribute 'actor',